CVE-2024-52337
Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
- Public Exploits: 0
- Exploited in Wild: -
Description
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments, here the `instance_name` parameter of the `instance_create()` method. The flaw allows an attacker to pass a controlled sequence of characters, including newlines, which are written into the log verbatim. Instead of a harmless string such as 'evil', the attacker could mimic a valid TuneD log line and trick the administrator. TuneD logs usually enclose raw user input in single quotes, so a ' character will always follow the spoofed input, but an administrator can easily overlook this. The stored instance name is later used in logging and in the output of utilities such as `tuned-adm get_instances`, as well as in third-party programs that use Tuned's D-Bus interface for such operations.
An update for tuned is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
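The description above boils down to a user-controlled value being quoted raw into a log record. The following added example (not Tuned's own code) shows why a newline in such a value yields a second, forged record, and one way to neutralise it: an allow-list check on the instance name before it is accepted, and control-character escaping before it reaches the logger. The logger prefix, the allow-list pattern and the sample names are constructed for the example.

```python
import re

# Constructed example, not code from the Tuned project.
# Any ASCII control character (NUL..US and DEL); '\n' and '\r' are the
# ones that let a single logged value turn into several log records.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")

# Assumed allow-list policy for an instance name; Tuned's real rules may differ.
_VALID_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def is_valid_instance_name(name: str) -> bool:
    """Reject names containing anything outside a conservative allow-list.

    Applying this at the API boundary stops control characters before they
    are stored, logged, or echoed back over D-Bus.
    """
    return bool(_VALID_NAME.match(name))


def quote_for_log(value: str) -> str:
    """Escape control characters so a quoted value can never span lines."""
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), value)


def format_unsafe(name: str) -> str:
    """The vulnerable pattern: raw value interpolated inside quotes."""
    return "tuned.daemon.controller: instance '%s' created" % name


def format_safe(name: str) -> str:
    """Hardened form: the same message, but the value is escaped first."""
    return "tuned.daemon.controller: instance '%s' created" % quote_for_log(name)


def record_count(log_text: str) -> int:
    """How many log records a consumer would see for this one message."""
    return len(log_text.splitlines())


if __name__ == "__main__":
    # Constructed input: a name carrying an embedded line break.
    bad = "first\nsecond"
    print(record_count(format_unsafe(bad)), "records from the unsafe format")
    print(record_count(format_safe(bad)), "record from the safe format")
    print("accepted by allow-list:", is_valid_instance_name(bad))
```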
SSVC
- Decision:Track
Timeline
- 2024-11-08: CVE Reserved
- 2024-11-26: CVE Published
- 2025-02-25: CVE Updated
- 2025-03-30: EPSS Updated
- Exploited in Wild: no date recorded
- KEV Due Date: no date recorded
- First Exploit: no date recorded
CWE
- CWE-20: Improper Input Validation
References (15)
URL | Date | Source
---|---|---
https://security.opensuse.org/2024/11/26/tuned-instance-create.html | |
https://www.openwall.com/lists/oss-security/2024/11/28/1 | |
https://access.redhat.com/errata/RHSA-2024:10381 | 2024-11-26 |
https://access.redhat.com/errata/RHSA-2024:10384 | 2024-11-26 |
https://access.redhat.com/security/cve/CVE-2024-52337 | 2024-11-26 |
https://bugzilla.redhat.com/show_bug.cgi?id=2324541 | 2024-11-26 |
https://access.redhat.com/errata/RHSA-2024:11161 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0195 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0327 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0368 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0879 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0880 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:0881 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:1785 | 2025-02-25 |
https://access.redhat.com/errata/RHSA-2025:1802 | 2025-02-25 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Centos | Centos | * | - | Affected
Oracle | Linux | * | - | Affected
Red Hat | Enterprise Linux | * | - | Affected
Redhat | Enterprise Linux | * | - | Affected
Redhat | Fast Datapath | * | - | Affected
Redhat | Rhel Aus | * | - | Affected
Redhat | Rhel E4s | * | - | Affected
Redhat | Rhel Els | * | - | Affected
Redhat | Rhel Eus | * | - | Affected
Redhat | Rhel Extras Rt Els | * | - | Affected
Redhat | Rhel Extras Sap Els | * | - | Affected
Redhat | Rhel Extras Sap Hana Els | * | - | Affected
Redhat | Rhel Tus | * | - | Affected
Alma | Linux | * | - | Affected
Fedoraproject | Fedora | * | - | Affected